{% extends "base.html" %}

{% block title %}{{ cve.cve_id }} - {{ super() }}{% endblock %}

{% block content %}
{% from "_macros.html" import render_tag %}

<section class="content-header">
    <h1>{{ cve.cve_id }}</h1>
    <ol class="breadcrumb">
        <li><a href="{{ url_for('main.home') }}">OpenCVE</a></li>
        <li><a href="{{ url_for('main.cves') }}">Vulnerabilities (CVE)</a></li>
        <li class="active">{{ cve.cve_id }}</li>
    </ol>
</section>

<section class="content">
    <div class="row">
        <div class="col-md-9">
            <div class="box box-primary">
                <div class="box-body">
                    <span class="dropcap">{{ cve.summary[:1] }}</span>{{ cve.summary[1:] }}
                </div>
            </div>

            {% if cve.json.impact.baseMetricV3 or cve.json.impact.baseMetricV2 %}
            <div class="nav-tabs-custom nav-tabs-primary">
                <ul class="nav nav-tabs">
                    {% if cve.json.impact.baseMetricV3 %}
                    <li class="active"><a href="#cvss3" data-toggle="tab">CVSS v3.0 <span
                            class="label {{ cvss_bg(cve.json.impact.baseMetricV3.cvssV3.baseScore)[1] }} label-cvss">{{ cve.json.impact.baseMetricV3.cvssV3.baseScore }} {{ cve.json.impact.baseMetricV3.cvssV3.baseSeverity }}</span></a>
                    </li>
                    {% endif %}
                    {% if cve.json.impact.baseMetricV2 %}
                    <li {% if not cve.json.impact.baseMetricV3 %}class="active" {% endif %}><a href="#cvss2"
                                                                                               data-toggle="tab">CVSS
                        v2.0 <span
                                class="label {{ cvss_bg(cve.json.impact.baseMetricV2.cvssV2.baseScore)[1] }} label-cvss">{{ cve.json.impact.baseMetricV2.cvssV2.baseScore }} {{ cve.json.impact.baseMetricV2.severity }}</span></a>
                    </li>
                    {% endif %}
                </ul>
                <div class="tab-content">
                    {% if cve.json.impact.baseMetricV3 %}
                    <div class="tab-pane active" id="cvss3">
                        {% include "_includes/cvss3.html" %}
                    </div>
                    {% endif %}
                    {% if cve.json.impact.baseMetricV2 %}
                    <div class="tab-pane {% if not cve.json.impact.baseMetricV3 %}active{% endif%}" id="cvss2">
                        {% include "_includes/cvss2.html" %}
                    </div>
                    {% endif %}
                </div>
            </div>
            {% else %}
            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">CVSS</div>
                </div>
                <div class="box-body">
                    <p class="alert alert-info">No CVSS.</p>
                </div>
            </div>
            {% endif %}

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">References</div>
                    <div class="box-tools pull-right">
                        <button type="button" class="btn btn-box-tool" data-widget="collapse"><i
                                class="fa fa-minus"></i></button>
                    </div>
                </div>
                <div class="box-body">
                    {% if cve.json.cve.references.reference_data %}
                    <table class="table table-bordered">
                        <thead>
                            <th>Link</th>
                            <th>Resource</th>
                        </thead>
                        <tbody>
                        {% for ref in cve.json.cve.references.reference_data %}
                        <tr>
                            <td class="col-md-8 td-ellipsis"><a href="{{ ref.url }}" target="_blank">{{ ref.url }}</a>
                            </td>
                            <td class="col-md-4">{% for tag in ref.tags %}<span class="badge bg-info">{{ tag }}</span>
                                {% endfor %}
                            </td>
                        </tr>
                        {% endfor %}
                        </tbody>
                    </table>
                    {% else %}
                    <p class="alert alert-info">No reference.</p>
                    {% endif %}
                </div>
            </div>

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">Configurations</div>
                    <div class="box-tools pull-right">
                        <button type="button" class="btn btn-box-tool" data-widget="collapse"><i
                                class="fa fa-minus"></i></button>
                    </div>
                </div>
                {% if cve.json.configurations.nodes %}
                <div class="box-body">
                    {% for conf in cve.json.configurations.nodes %}
                    <p><strong>Configuration {{ loop.index }}</strong> (<a class="pointer config-toggle"
                                                                           id="config-{{ loop.index }}">hide</a>)</p>
                    {% if conf.operator == 'AND'%}
                    {% set children = conf.children %}
                    {% else %}
                    {% set children = [conf] %}
                    {% endif %}

                    <table class="table table-configuration" id="config-{{ loop.index }}-table">
                        <tr>
                            {% if children|length > 1 %}
                            <td class="col-md-1 rowspaned">AND</td>
                            {% endif %}
                            <td class="col-md-11 and">
                                {% for child in children %}
                                <table class="table table-bordered no-margin-bottom">
                                    {% for cpe in child.cpe_match %}
                                    <tr>
                                        {% if loop.index == 1 and child.cpe_match|length > 1 %}
                                        <td class="col-md-1 rowspaned" rowspan="{{ child.cpe_match|length }}">OR</td>
                                        {% endif %}
                                        <td>{{ cpe.cpe23Uri }}</td>
                                    </tr>
                                    {% endfor %}
                                </table>
                                {% endfor %}
                            </td>
                        </tr>
                    </table>

                    <hr/>
                    {% endfor %}
                </div>
                {% else %}
                <div class="box-body">
                    <p class="alert alert-info">No configuration.</p>
                </div>
                {% endif %}
            </div>
        </div>

        <div class="col-md-3">
            {% if current_user.is_authenticated %}
            <div class="box box-primary">
                <div class="box-header with-border">
                    <h3 class="box-title">Tags</h3>
                    <div class="box-tools pull-right">
                        <button type="button" class="btn btn-box-tool" data-toggle="modal" data-target="#modal-tags"><i class="fa fa-edit"></i>
                        </button>
                    </div>
                </div>
                {% if cve.tags %}
                <div class="box-body">
                    {% for tag in cve.tags %}
                    <a
                        href="{{ url_for('main.cves', tag=tag.name) }}"
                        data-toggle="tooltip"
                        data-container="body"
                        title="{{ tag.description }}"
                    >{{ render_tag(tag) }}</a>
                    {% endfor %}
                </div>
                {% endif %}
            </div>
            {% endif %}

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">Information</div>
                </div>
                <div class="box-body">
                    <p><strong>Published :</strong> {{ cve.created_at.strftime('%Y-%m-%d %H:%M') }}</p>
                    <p><strong>Updated :</strong> {{ cve.updated_at.strftime('%Y-%m-%d %H:%M') }}</p>
                    <hr/>
                    <p><strong><i class="fa fa-external-link"></i> NVD link :</strong> <a
                            href="https://nvd.nist.gov/vuln/detail/{{ cve.cve_id }}" target="_blank">{{
                        cve.cve_id }}</a></p>
                    <p><strong><i class="fa fa-external-link"></i> Mitre link :</strong> <a
                            href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ cve.cve_id }}" target="_blank">{{
                        cve.cve_id }}</a></p>
                    <hr/>
                    <p><strong><i class="fa fa-code"></i> JSON object :</strong> <a class="pointer" data-toggle="modal"
                                                                                    data-target="#modal-default">View</a>
                    </p>
                </div>
            </div>

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">Products Affected</div>
                </div>
                {% if vendors %}
                <div class="box-body">
                    {% for vendor, products in vendors.items() %}
                    <p><strong>{{ vendor }}</strong></p>
                    <ul>
                        {% for product in products %}
                        <li>{{ product }}</li>
                        {% endfor %}
                    </ul>
                    {% endfor %}
                </div>
                {% else %}
                <div class="box-body">
                    <p class="alert alert-info">No product.</p>
                </div>
                {% endif %}
            </div>

            <div class="box box-primary">
                <div class="box-header">
                    <div class="box-title">CWE</div>
                </div>
                <div class="box-body">
                    {% if cwes %}
                        {% for cwe_id, name in cwes.items() %}
                        <strong><a href="{{ url_for('main.cves', cwe=cwe_id) }}">{{ cwe_id }}</a></strong>
                        {% if name %}<p class="cwe-name">{{ name }}</p>{% endif %}
                        {% endfor %}
                    {% else %}
                    <p class="alert alert-info">No CWE.</p>
                    {% endif %}
                </div>
            </div>
        </div>

    </div>

</section>

<div class="modal fade" id="modal-default">
    <div class="modal-dialog modal-lg">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                    <span aria-hidden="true">&times;</span></button>
                <h4 class="modal-title">JSON object</h4>
            </div>
            <div class="modal-body codejson">
                {{ cve_dumped }}
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default pull-right" data-dismiss="modal">Close</button>
            </div>
        </div>
    </div>
</div>

<div class="modal fade" id="modal-tags">
    <div class="modal-dialog">
      <div class="modal-content">
        <form action="{{ url_for('main.cve_associate_tags', cve_id=cve.cve_id) }}" method="POST">
            <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
            <div class="modal-header">
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                <span aria-hidden="true">&times;</span></button>
            <h4 class="modal-title">Attach tags to <code>{{ cve.cve_id }}</code></h4>
            </div>
            <div class="modal-body">
                <div class="form-group">
                    <label>Select your tags</label>
                    <select class="form-control select2" id="select2-tags" multiple="multiple" data-placeholder="Select a tag"
                            style="width: 100%;" data-values='{{ cve_tags_encoded }}' name="tags">
                        {% for tag in user_tags %}
                        <option>{{ tag.name }}</option>
                        {% endfor %}
                    </select>
                </div>
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default pull-left" data-dismiss="modal">Close</button>
                <a class="btn btn-default pull-left" href="{{ url_for('main.tags') }}">Manage your tags</a>
                <button type="submit" class="btn btn-primary">Update associated tags</button>
            </div>
        </form>
      </div>
    </div>
</div>


{% endblock %}